WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

WP Image Zoom <= 1.23 - Cross-Site Request Forgery (CSRF)

Description

The WP Image Zoom WordPress plugin was affected by a Cross-Site Request Forgery (CSRF) security vulnerability.

Affects Plugins

wp-image-zoooom
Fixed in version 1.24

References

URL
https://advisories.dxw.com/advisories/wp-image-zoom-dos/
URL
https://seclists.org/fulldisclosure/2018/Apr/23

Classification

Type

CSRF

OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-352

Miscellaneous

Submitter

Ryan

Submitter twitter
ethicalhack3r
Verified

No

WPVDB ID
38939de8-bd3b-4014-bd3a-578e49342f26

Timeline

Publicly Published

2018-03-29 (about 4 years ago)

Added

2018-04-12 (about 4 years ago)

Last Updated

2019-11-01 (about 2 years ago)

Our Other Services

WPScan WordPress Security Plugin